What India's new crypto laundering laws mean for you
Effective 7 March 2023, crypto service providers such as exchanges, custodians & wallet providers are subject to new anti-money laundering laws in India.
Note: This post is intended for informational purposes only and is not a substitute for professional legal advice. For specific guidance on how these laws may apply to your situation, please consult with a qualified legal professional.
Effective March 7, 2023, crypto service providers (CSPs) such as exchanges, custodians & wallet providers are subject to new anti-money laundering laws in India. These laws require strict compliance measures to prevent money laundering & related financial crimes.
Non-compliance with these regulations can result in hefty penalties and even imprisonment.
It is important to note that these regulations apply to crypto service providers & web3 projects and not individual retail investors.
In my view, these regulations are a positive step towards reducing the use of cryptocurrencies for illicit purposes in India and promoting the legitimacy of the crypto industry.
1. What is money laundering law?
Money laundering is the process of disguising the illegal origin of "black money" and making it appear "white money" or legitimate money.
The process usually involves a series of transactions that conceal the source & ownership of the funds.
In India, the Prevention of Money Laundering Act (PMLA) was enacted in 2002 to prevent money laundering & terrorist financing. PMLA is a very strict law that provides for hefty penalties, imprisonment, and cancellation of licenses & registrations.
The PMLA rules apply not only to cryptocurrency service providers but also to entities like banks, capital market intermediaries, casino operators, real estate agents, dealers in precious metals and stones, and those handling cash and liquid securities on behalf of others.
Failure to comply with these regulations can lead to severe consequences, including fines, imprisonment, and reputational damage.
2. What is cryptocurrency under Indian laws?
Cryptocurrencies are classified as Virtual Digital Assets (VDAs) under section 2(47A) of the Income-tax Act, 1961 in India.
This definition encompasses a range of digital assets, including:
cryptocurrencies like Bitcoin (BTC), Ether (ETH), Dogecoin (DOGE) & Shiba Inu (SHIB)
stablecoins like Tether (USDT),
governance tokens like UNI, and
digital art NFTs.
VDAs do NOT include:
Gift cards or vouchers
Mileage points
Reward points or loyalty cards
Subscription to websites or platforms or applications
NFTs backed by tangible assets
For the purposes of this post, the terms cryptocurrencies, cryptos, and VDAs are used interchangeably.
3. Which cryptocurrency service providers come under the new rules?
The following cryptocurrency service providers (CSP) come under the laundering rules:
Centralized exchanges
Decentralized exchanges
Crypto custodial services
Custodial & non-custodial crypto wallets
Crypto payment gateways
Crypto ATM providers
Crypto loan providers
Crypto investment platforms
Peer-to-peer platform providers
Providers of financial services for crypto fundraising e.g. ICOs, IEOs, IDOs, SAFT, STOs, etc.
Decentralized Finance (DeFi) platforms
Non-Fungible Tokens (NFTs) platforms
Cryptocurrency mixer services
Cryptocurrency mining service providers
Crypto Wallet Service providers
Some of these MAY also come under the laundering rules:
Decentralized Applications (DApps)
Blockchain-based marketplaces
Decentralized Autonomous Organizations (DAOs)
Web3 infrastructure projects
Decentralized social media platforms
Gaming platforms
Note: This list is not exhaustive.
4. Does your Web3 project come under crypto laundering laws?
Yes, if your project carries out one or more of these activities for or on behalf of someone else:
Exchange between cryptos and fiat currencies.
Exchange between one or more forms of cryptos.
Transfer of cryptos.
Safekeeping or administration of cryptos.
Safekeeping or administration of instruments enabling control over cryptos.
Participation in and provision of financial services related to an issuer’s offer and sale of cryptos.
5. What legal compliances must cryptocurrency service providers follow?
Cryptocurrency service providers (CSPs) must comply with the following legal obligations:
1. Customer due diligence
CSPs must have robust processes in place to:
identify & verify the identity of their customers,
obtain information on the purpose & nature of the business relationship,
conduct ongoing monitoring of transactions.
2. Maintenance of records for 5 years
CSPs must maintain records of transactions and other relevant information for a minimum of 5 years. The records should include:
the nature & value of the transactions,
the identity of the customers,
the method of payment.
3. Reporting of suspicious transactions
CSPs must report suspicious transactions to the Financial Intelligence Unit (FIU) of India. The report should include information on:
the nature & value of the transaction,
the identity of the customer,
any other relevant information.
4. Appointment of Compliance Officers
CSPs must appoint a Compliance Officer to ensure compliance with PMLA. The compliance officer will be responsible for implementing the internal policies, procedures & controls to prevent money laundering and terrorist financing.
5. Implementation of internal policies, procedures & controls
CSPs must implement internal policies, procedures & controls to prevent money laundering & terrorist financing. The policies & procedures must be risk-based and must cover areas such as:
customer identification,
record-keeping & reporting of suspicious transactions.
6. Employee training
CSPs must train their employees on anti-money laundering (AML) and countering the financing of terrorism (CFT) measures. The training should cover:
customer due diligence,
reporting of suspicious transactions, and
the importance of AML/CFT measures.
Failure to comply with these legal obligations can result in hefty penalties, imprisonment, and cancellation of licenses or registrations.
It's important to note that these rules apply to CSPs and not to individual investors.
If you would like to learn more about anti-money laundering laws, especially in the context of cryptocurrencies, join the Executive Program in Blockchain Law by Asian School of Cyber Laws.
This course is also highly recommended for founders & legal teams of Web3 projects.
Well explained Rohas. Thanks for providing clarity on the types of entities and activities covered.